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DETAILED ACTION 



1. Claims 1-37 have been examined and rejected under 35 U.S.C. 102(e). 

2. Claims 1-23 are rejected under 35 U.S.C. 1 12, 2 nd paragraph. 

3. Minor informalities. 



The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and 
distinctly claiming the subject matter which the applicant regards as his invention. 

4. The term "unique" in claims 1,6,10,17, and 22 are a relative term which 

renders the claim indefinite. The term "unique" is not defined by the claim, the 

specification does not provide a standard for ascertaining the requisite degree, 

and one of ordinary skill in the art would not be reasonably apprised of the 

scope of the invention. 

Claims 1, 6, 10, 17, and 22, include the term "unique". The Examiner 
ascertains the term "unique" is motivated to describe how different (an 
identifier) it can be but fails to maintain to a requisite degree therefore, 
"unique" is a relative term. All other claims are refected by virtue of their 
dependency. 



Claim Refections - 35 USC §112 
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5. Claims 17 and 22 provides for the use of "the method comprising 
requesting access for a user to a remote resource", but, since the claim does 
not set forth any steps involved in the method/process, it is unclear what 
method/process applicant is intending to encompass. A claim is indefinite 
where it merely recites a use without any active, positive steps delimiting how 
this use is actually practiced. 

Claims 17 and 22 are rejected under 35 U.S.C. 101 because the claimed 
recitation of a use, without setting forth any steps involved in the process, 
results in an improper definition of a process, i.e., results in a claim which is 
not a proper process claim under 35 U.S.C. 101. See for example Ex parte 
Dunki, 153 USPQ 678 (Bd.App. 1967) and Clinical Products, Ltd. v. Brenner, 
255 F. Supp. 131, 149 USPQ 475 (D.D.C. 1966). 

The Examiner asserts that Applicant only disclosed a single means for 
claims 17 and 22. Applicant fails to disclose all the possible means of claims 
17 and 22, such as means for "requesting access", means for creating the 
"subject identifier", means for " making an access control decision", and means 
for which "identifies the user". 

All other claims are also rejected by virtue of their dependency. 
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Claim Rejections - 35 USC S 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another 
filed in the United States before the invention thereof by the applicant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), 
(2), and (4) of section 371(c) of this title before the invention thereof by the applicant for 



The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 
1 999 (AIPA) and the Intellectual Property and High Technology Technical Amendments 
Act of 2002 do not apply when the reference is a U.S. patent resulting directly or 
indirectly from an international application filed before November 29, 2000. Therefore, 
the prior art date of the reference is determined under 35 U.S.C. 102(e) prior to the 
amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 

5. Claims 1-16 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Saito (US 6,076,077). 

As per claim 1: 

Saito discloses a storage system comprising: 

a first storage area having an object stored therein; and [see coLl, line 
30 thru col.2, line 56] 

a second storage area having stored therein an object identifier that 
identifies the object, wherein the object identifier is unique within and outside 
of the storage system, [see coL4, lines 19-25] 



patent. 
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As per claim 2: 

Saito discloses the object identifier is a Universal Unique Identifier (UUID). [see 
col. 4, line 63-coL5, line 6] 

As per claim 3: 

Saito discloses the first and second storage areas are storage areas within a 
database, [see col. 5, lines 12-65] 

As per claim 4: Saito discloses the object identifier is a Universal Unique 
Identifier (UUID). [see col.4, line 63 thru col.5, line 6] 

As per claim 5: 

Saito discloses the storage system is part of an access control system, [see 
col.3, lines 49-54] 
As per claim 6: 

Saito discloses a memory comprising: 

a first storage area having an object stored therein; and [see col.l, line 30 
thru col.2, line 56] 

a second storage area having stored therein an object identifier that 
identifies the object, wherein the object identifier is unique within and outside 
of the storage system, [see col.4, lines 19-25] 

As per claim 7: Saito discloses the object identifier is a Universal Unique 
Identifier (UUID). [see coL4, line 63 thru coL5, line 6] 

As per claim 8: Saito discloses the first and second storage areas are storage 
areas within a database, [see col.5, lines 12-65] 
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As per claim 9: Saito discloses the object identifier is a Universal Unique 
Identifier (UUID). [see col.4, line 63 thru col.5, line 6] 
As per claim 10: 

Saito discloses a method of storing information in a storage system, 
comprising: 

storing an object in the storage system; and [see coLl, line 30 thru col. 2, line 



storing an object identifier in the storage system, wherein the object identifier 
identifies the object, and the object identifier is unique within and outside of 
the storage system. [coL4, lines 19-25] 

As per claim 11: as rejected on the same rationale as applied in claim 2. 
As per claim 12: 

Saito teaches the object identifier is stored in a database, [see col. 5, lines 12- 



As per claim 13: as rejected on the same rationale as applied in claim 12. 

As per claim 14: Saito discloses the object identifier is a Universal Unique 

Identifier (UUID). [see col.4, line 63-coL5, line 6] 

As per claim 15: Saito discloses the object identifier is a Universal Unique 

Identifier (UUID). [see col.4, line 63-col.5, line 6] 

As per claim 16: Saito discloses the storage system is part of an access 
control system, [see col. 3, lines 49-54] 



56] 



65] 
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6. Claims 17-37 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Sonderreger (US 5,893,118). 
As per claim 17: 

Sonderegger discloses an access control method comprising: 

requesting access for a user to a remote resource, wherein the request includes 

a subject identifier for use in making an access control decision, and wherein 

the subject identifier is unique within and outside of the remote resource and 

identifies the user, [see col.8 lines 30-55] 

As per claim 18: 

Sonderegger discloses the subject identifier is a Universal Unique Identifier 
(UUID). [see col.7, lines 30-35 and col.9, lines 9-12] 

As per claim 19: 

Saito discusses the request further includes a subject descriptor for use in the 
access control decision, [see col. 3, line 64 thru col. 4, line 10] 
As per claim 20: 

Saito discusses the subject descriptor is a UUID for an organizational structure 
that includes the user, [col.9, lines 5-12] 
As per claim 2 1 : 

Saito discusses the access control decision is made by a resource manager that 
protects the remote resource, and the request is sent over a communications 
path considered safe by the protecting resource manager and the user, 
[see col.7, line 62 thru col.8, line 3 and FIG.l] 
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As per claim 22: 

Sonderegger discloses a computer-readable medium having computer- 
executable code stored thereon comprising: 

requesting access for a user to a remote resource, wherein the request includes 
a subject identifier for use in making an access control decision, and wherein 
the subject identifier is unique within and outside of the remote resource and 
identifies the user, [see FIGs.7 and 8] 

As per claim 23: as rejected on the same rationale as applied in claim 18. 
As per claim 24: 

Sonderegger discloses a method of identifying a user requesting access to an 
object, comprising: 

establishing a secure communication path between a reference monitor 
protecting the object and a resource manager having information describing 
the user, in response to a request by the user to access the object; 
[see col.7, line 50 thru col.8, line 67 and FIGs. 7-8] 

sending a request for user information from the protecting reference 
monitor to the resource manager, the request including a subject descriptor for 
the user, wherein the subject identifier is a Universal Unique Identifier UUUID). 
[see col.7 lines 30-35] 
As per claim 25: 

Sonderegger discloses determining, based on the received user information, if 
the user has permission to access the request object, [see coLlO lines 48-67] 
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As per claim 26: 

Sonderegger discloses the user information includes information relating to an 
organization of which the user is member, [see col.9 lines 9-10 and FIG.7] 
As per claim 27: 

Sonderegger discloses an information storage management system, comprising: 
a collection of stored objects; [see col. 8, lines 11-14] 

an access control unit for determining if a requestor is authorized to 
access a protected object stored in the collection; [see coLlO, line 58 thru 
col. 11, line 5 and FIG. 8] 

a resource manager connected to the access control unit and to a 
communication channel; [see FIG.l] 

wherein the resource manager receives a user's request for access to the 
protected object, the request including a globally unique identifier for the user 
requesting the access, and in response to the user's request the resource 
manager sends over the communications channel to an external storage 
management system a request for information about the user, the request 
including the globally unique identifier; and [see col.9, lines 10 thru col. 11, line 
66] 

wherein the resource manager upon receiving a response including user 
information about the user passes the user information to the access control 
unit; and based on the user information the access control unit determines 
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whether to grant the subject access to the protected object, [see col. 10 lines 

59- 66 and FIG. 8] 

As per claim 28: 

Sonderegger discloses the globally unique identifier is a Universal Unique 
Identifier (UUID). [see col.7, lines 30-35 and coL9, lines 9-12] 

As per claim 29: 

Sonderegger discloses the user information is organization information 
indicating whether the user is a member of an organization, [see col. 10 lines 

60- 65] 

As per claim 30: 

Sonderegger discloses an information storage management system, comprising: 
a collection of stored objects; [see col.8, lines 11-14] 

an access control unit for determining if a requestor is authorized to 
access a protected object stored in the collection; [see col. 10, line 58 thru 
col. 11, line 5 and FIG. 8] 

a resource manager connected to the access control unit and to a 
communication channel; [see FIG.l] 

wherein the resource manager receives a user's request for access to the 
protected object, the request including a globally unique identifier for the user 
requesting the access, and in response to the user's request the resource 
manager resolves the globally unique identifier to an user identifier recognized 
by an external storage management system; the resource manager sending to 
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the external storage management system a request for information about the 
user, the request including the resolved user identifier; and [see col.9, lines 10 
thru col. 11, line 66] 

wherein the resource manager upon receiving a response including user 
information about the user passes the user information to the access control 
unit; and based on the user information the access control unit determines 
whether to grant the subject access to the protected object, [see col. 10 lines 

59- 66 and FIG.8] 
As per claim 3 1 : 

Sonderegger discloses the globally unique identifier is a Universal Unique 
Identifier (UUID). [see coL9, lines 9-11] 
As per claim 32: 

Sonderegger discloses the user information is organization information 
indicating whether the user is a member of an organization, [see col. 10 lines 

60- 65] 

As per claim 33: 

Sonderegger discloses the resource manager resolves the globally unique 
identifier by using a name server, [see col. 6, lines 46-53] 
As per claim 34: 

Sonderegger discloses a method of accessing a protected object, comprising: 

sending a globally unique identifier for a user to a name resolving device, 
and receiving therefrom information about the user; and [see col.9, lines 9-11] 
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sending to a storage management system containing an object a request 
for access to the object, the request including the information about the user, 
[see col. 8, lines 11-66] 

As per claim 35: as rejected on the same rationale as applied in claim 31. 
As per claim 36: 

Sonderegger discloses a computer-readable medium of computer-executable 
code for accessing a protected object, comprising: 

a first set of computer instructions for sending a globally unique 
identifier for a user to a name resolving device, and receiving therefrom 
information about the user; and [see col. 9, lines 9-67] 

a second set of computer instructions for sending to a storage 
management system containing an object a request for access to the object, the 
request including the information about the user, [see col. 8, lines 11-66] 
As per claim 37: as rejected on the same rationale as applied in claim 31. 



7. Claims 3, 34, and 36 are objected to because of the following 
informalities: 

Claim 3 needs an ending quotation such as a V (period). 

Claim 30 on line 10, states "an user identifier" should be "a user identifier". 



MINOR INFORMALITIES 
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Claims 34 and 36, with the term "therefrom" should be two words (i.e. "there 
from"). 

Appropriate correction is required. 



** For further details and descriptions of the rejections above, please refer to: 
Saito (US 6,076,077): see col.3, line 1, Et. Seq. and Figures 1-7. 
Sonderegger (US 5,893,118): see coL5, Et. Seq. and Figures 1-8. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to LEYNNA T. HA whose telephone number is (703) 305- 
3853. The examiner can normally be reached on Monday - Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, AYAZ SHEIKH can be reached on (703) 305-9648. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872- 
9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 
306-5631. 



Conclusion 
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